readtheplan 0.0.1__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: readtheplan
|
|
3
|
+
Version: 0.0.1
|
|
4
|
+
Summary: Terraform plan risk explainer — reads `terraform plan` and classifies each change as safe/review/dangerous/irreversible. Pre-MVP namespace placeholder.
|
|
5
|
+
Author: texasich
|
|
6
|
+
License: MIT
|
|
7
|
+
Project-URL: Homepage, https://github.com/readtheplan/readtheplan
|
|
8
|
+
Project-URL: Repository, https://github.com/readtheplan/readtheplan
|
|
9
|
+
Project-URL: Issues, https://github.com/readtheplan/readtheplan/issues
|
|
10
|
+
Keywords: terraform,iac,devops,devsecops,compliance,plan,review
|
|
11
|
+
Classifier: Development Status :: 1 - Planning
|
|
12
|
+
Classifier: Intended Audience :: Developers
|
|
13
|
+
Classifier: Intended Audience :: System Administrators
|
|
14
|
+
Classifier: License :: OSI Approved :: MIT License
|
|
15
|
+
Classifier: Programming Language :: Python :: 3
|
|
16
|
+
Classifier: Topic :: Software Development :: Build Tools
|
|
17
|
+
Classifier: Topic :: System :: Systems Administration
|
|
18
|
+
Requires-Python: >=3.9
|
|
19
|
+
Description-Content-Type: text/markdown
|
|
20
|
+
License-File: LICENSE
|
|
21
|
+
Dynamic: license-file
|
|
22
|
+
|
|
23
|
+
# readtheplan
|
|
24
|
+
|
|
25
|
+
> Read the plan. Every time. For real.
|
|
26
|
+
|
|
27
|
+
`readtheplan` is a Terraform plan risk explainer. It reads `terraform plan` output, classifies each change as **safe / review / dangerous / irreversible** based on the action × resource type × what compliance context it touches, and posts a markdown summary your release manager (or auditor, or AI agent) can read in 30 seconds.
|
|
28
|
+
|
|
29
|
+
## status
|
|
30
|
+
|
|
31
|
+
🚧 **Pre-MVP.** This namespace is locked but no functional release exists yet. Watch / star to follow.
|
|
32
|
+
|
|
33
|
+
## why this exists
|
|
34
|
+
|
|
35
|
+
Terraform's plan/apply separation exists so a human reviews changes before they hit prod. In practice:
|
|
36
|
+
|
|
37
|
+
- the diff in code ≠ the diff in plan (renames show as destroy+create, provider bumps mutate untouched resources, `apply_immediately` flips have hidden timing implications)
|
|
38
|
+
- AI agents now write Terraform PRs — most don't read the plan critically, they apply because "the test passed"
|
|
39
|
+
- compliance reviewers (FinServ, healthcare, government) need a structured risk classification, not a 4,000-line text blob
|
|
40
|
+
- existing tools either show prettier plans (Spacelift, env0) or scan code for policy violations (tflint, tfsec, checkov). Nobody opinionates the **plan diff** with blast-radius context.
|
|
41
|
+
|
|
42
|
+
## philosophy
|
|
43
|
+
|
|
44
|
+
Anchored in this field note: **[terraform-apply-is-roulette](https://github.com/texasich/sre-field-notes/blob/main/notes/terraform-apply-is-roulette.md)**. If you've ever shipped a panic on `terraform validate` or watched a forward-fix cascade into a longer outage, this tool is built for you.
|
|
45
|
+
|
|
46
|
+
## planned MVP scope
|
|
47
|
+
|
|
48
|
+
1. CLI: `readtheplan analyze plan.json` → markdown table of changes with risk levels
|
|
49
|
+
2. plain-english explainer per resource type (top ~30 high-risk patterns covered out of the box: KMS, IAM, RDS replacements, S3 bucket destroys, EKS node-group replacements, route53 zone deletes, network ACL strips)
|
|
50
|
+
3. AI-agent attestation header — flag whether an agent claims to have read the plan
|
|
51
|
+
4. GitHub Action wrapper: install as `uses: readtheplan/action@v1`, posts a markdown PR comment
|
|
52
|
+
5. YAML rule customization: define org-specific rules ("anything in account 1234 is `review`")
|
|
53
|
+
|
|
54
|
+
## what's *not* in scope (and won't be)
|
|
55
|
+
|
|
56
|
+
- multi-cloud beyond AWS (initial focus)
|
|
57
|
+
- a SaaS dashboard (defer until revenue justifies)
|
|
58
|
+
- a policy-as-code engine (OPA / Sentinel already exist)
|
|
59
|
+
- competing with Spacelift / env0 / Snyk IaC on overlapping features
|
|
60
|
+
|
|
61
|
+
## license
|
|
62
|
+
|
|
63
|
+
MIT — see [LICENSE](./LICENSE).
|
|
64
|
+
|
|
65
|
+
## contact
|
|
66
|
+
|
|
67
|
+
OSS contributions welcome once the v0.1 lands. Until then, this is a namespace placeholder. Author: [@texasich](https://github.com/texasich).
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
readtheplan-0.0.1.dist-info/licenses/LICENSE,sha256=PBe3aoK19NzjaeZhtFCYJftx9HZRZuxlWmeR5r2WENA,1081
|
|
2
|
+
readtheplan-0.0.1.dist-info/METADATA,sha256=gbYrrKc7LiPW7MkbvsqEN5FfzXmJZ_wOHozeTlBocyc,3583
|
|
3
|
+
readtheplan-0.0.1.dist-info/WHEEL,sha256=aeYiig01lYGDzBgS8HxWXOg3uV61G9ijOsup-k9o1sk,91
|
|
4
|
+
readtheplan-0.0.1.dist-info/top_level.txt,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
|
|
5
|
+
readtheplan-0.0.1.dist-info/RECORD,,
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2026 readtheplan contributors
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
|